mirror of https://github.com/Qortal/Brooklyn
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
43 lines
1.5 KiB
43 lines
1.5 KiB
============================= |
|
Namespaces compatibility list |
|
============================= |
|
|
|
This document contains the information about the problems user |
|
may have when creating tasks living in different namespaces. |
|
|
|
Here's the summary. This matrix shows the known problems, that |
|
occur when tasks share some namespace (the columns) while living |
|
in different other namespaces (the rows): |
|
|
|
==== === === === === ==== === |
|
- UTS IPC VFS PID User Net |
|
==== === === === === ==== === |
|
UTS X |
|
IPC X 1 |
|
VFS X |
|
PID 1 1 X |
|
User 2 2 X |
|
Net X |
|
==== === === === === ==== === |
|
|
|
1. Both the IPC and the PID namespaces provide IDs to address |
|
object inside the kernel. E.g. semaphore with IPCID or |
|
process group with pid. |
|
|
|
In both cases, tasks shouldn't try exposing this ID to some |
|
other task living in a different namespace via a shared filesystem |
|
or IPC shmem/message. The fact is that this ID is only valid |
|
within the namespace it was obtained in and may refer to some |
|
other object in another namespace. |
|
|
|
2. Intentionally, two equal user IDs in different user namespaces |
|
should not be equal from the VFS point of view. In other |
|
words, user 10 in one user namespace shouldn't have the same |
|
access permissions to files, belonging to user 10 in another |
|
namespace. |
|
|
|
The same is true for the IPC namespaces being shared - two users |
|
from different user namespaces should not access the same IPC objects |
|
even having equal UIDs. |
|
|
|
But currently this is not so.
|
|
|